[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 4bb85f: 4.1.14 release - Git

4 Dec 2014


      Branch: refs/heads/QA_4_1
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: 4bb85f59a4c9560afb9cb1001e83e6a291ce3765
      https://github.com/phpmyadmin/phpmyadmin/commit/4bb85f59a4c9560afb9cb1001e83...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-04-26 (Sat, 26 Apr 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: daa98d0c7ed24b529dc5df0d5905873acd0b00be
      https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905...
  Author: Ann + J.M phpMyAdmin@ZweiSteinSoft.de
  Date:   2014-06-21 (Sat, 21 Jun 2014)
Changed paths:
    M libraries/navigation/Navigation.class.php
    M libraries/navigation/Nodes/Node_DatabaseChild.class.php
Log Message:
  -----------
  Fix XSS in Hide navigation items feature
Signed-off-by: Ann + J.M phpMyAdmin@ZweiSteinSoft.de
Commit: d143c549f92f4d5eeec50ba0d21b301e466c0d95
      https://github.com/phpmyadmin/phpmyadmin/commit/d143c549f92f4d5eeec50ba0d21b...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-06-21 (Sat, 21 Jun 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.1 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 45550b8cff06ad128129020762f9b53d125a6934
      https://github.com/phpmyadmin/phpmyadmin/commit/45550b8cff06ad128129020762f9...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-07-15 (Tue, 15 Jul 2014)
Changed paths:
    M ChangeLog
    M server_user_groups.php
Log Message:
  -----------
  bug #4491 [security] Missing validation for accessing User groups feature
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 511c596b175889b8e6b9c423e352ca64fa20af2b
      https://github.com/phpmyadmin/phpmyadmin/commit/511c596b175889b8e6b9c423e352...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-07-17 (Thu, 17 Jul 2014)
Changed paths:
    M ChangeLog
    M libraries/rte/rte_list.lib.php
Log Message:
  -----------
  bug #4488 [security] XSS injection due to unescaped table name (triggers)
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: cd5697027a2ee7e1f7d7000b23be6051cdb0516c
      https://github.com/phpmyadmin/phpmyadmin/commit/cd5697027a2ee7e1f7d7000b23be...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-07-17 (Thu, 17 Jul 2014)
Changed paths:
    M ChangeLog
    M js/functions.js
    M js/tbl_structure.js
Log Message:
  -----------
  bug #4492 [security] XSS in AJAX confirmation messages
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 2a211a595f6eb54db3d842ee23b6ff22ac608a14
      https://github.com/phpmyadmin/phpmyadmin/commit/2a211a595f6eb54db3d842ee23b6...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-07-17 (Thu, 17 Jul 2014)
Changed paths:
    M ChangeLog
    M server_user_groups.php
Log Message:
  -----------
  Fix merge conflict
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 0f781c803cf70b386736f079b883695fec08cfcb
      https://github.com/phpmyadmin/phpmyadmin/commit/0f781c803cf70b386736f079b883...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-07-17 (Thu, 17 Jul 2014)
Changed paths:
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.2 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 65eef3d65411b985250487e14f1121754a91c6d5
      https://github.com/phpmyadmin/phpmyadmin/commit/65eef3d65411b985250487e14f11...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-08-06 (Wed, 06 Aug 2014)
Changed paths:
    M ChangeLog
    M js/functions.js
Log Message:
  -----------
  bug #4505 [security] XSS in view operations page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 2d394521197f81dce0d9529b2d86ed24760b5b2a
      https://github.com/phpmyadmin/phpmyadmin/commit/2d394521197f81dce0d9529b2d86...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M js/sql.js
Log Message:
  -----------
  bug #4501 [security] XSS in table browse page
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 1956420ddab0595016ba2b3af89f7f82d39f5afa
      https://github.com/phpmyadmin/phpmyadmin/commit/1956420ddab0595016ba2b3af89f...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M js/functions.js
Log Message:
  -----------
  bug #4502 [security] Self-XSS in enum value editor
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 69f746b7dc09f7b1a18b09de0b5cd71f0bcd0a3d
      https://github.com/phpmyadmin/phpmyadmin/commit/69f746b7dc09f7b1a18b09de0b5c...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M js/server_status_monitor.js
Log Message:
  -----------
  bug #4503 [security] Self-XSSes in monitor
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: bbd20b54864a389c7a0cd2c4d4715f00b81a03e9
      https://github.com/phpmyadmin/phpmyadmin/commit/bbd20b54864a389c7a0cd2c4d471...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M js/tbl_chart.js
Log Message:
  -----------
  bug #4504 [security] Self-XSS in query charts
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 5519905a2519d9a102b172432448c7e91d5601a6
      https://github.com/phpmyadmin/phpmyadmin/commit/5519905a2519d9a102b172432448...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M libraries/tbl_relation.lib.php
Log Message:
  -----------
  bug #4517 [security] XSS in relation view
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 54d738568bac627afdb3b7dad22787fcc17956e9
      https://github.com/phpmyadmin/phpmyadmin/commit/54d738568bac627afdb3b7dad227...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-08-17 (Sun, 17 Aug 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.3 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 621772aa0d19d5f3ac21af2611c1dbda9b356506
      https://github.com/phpmyadmin/phpmyadmin/commit/621772aa0d19d5f3ac21af2611c1...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-09-13 (Sat, 13 Sep 2014)
Changed paths:
    M ChangeLog
    M js/ajax.js
    A js/whitelist.php
    M libraries/Header.class.php
    M libraries/Scripts.class.php
Log Message:
  -----------
  bug #4530 [security] DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 247ebb60778991ba35ca9d9803833e177e2c1c81
      https://github.com/phpmyadmin/phpmyadmin/commit/247ebb60778991ba35ca9d980383...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-09-13 (Sat, 13 Sep 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.4 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 71ccbbc423bcfd14ba40174b3adcd9a0fafaa511
      https://github.com/phpmyadmin/phpmyadmin/commit/71ccbbc423bcfd14ba40174b3adc...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-10-01 (Wed, 01 Oct 2014)
Changed paths:
    M libraries/TableSearch.class.php
    M libraries/Util.class.php
Log Message:
  -----------
  [security] XSS with malicious ENUM values
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: ed89810fb0a2a57d663ff2dc51a36c75ddff99fb
      https://github.com/phpmyadmin/phpmyadmin/commit/ed89810fb0a2a57d663ff2dc51a3...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-10-01 (Wed, 01 Oct 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.5 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: f989e2a94cb75158d33330e0e29f9b54ce3d7c07
      https://github.com/phpmyadmin/phpmyadmin/commit/f989e2a94cb75158d33330e0e29f...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-10-21 (Tue, 21 Oct 2014)
Changed paths:
    M ChangeLog
    M libraries/DatabaseInterface.class.php
Log Message:
  -----------
  bug #4562 [security] XSS in debug SQL output
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 0092f608d37d0ce7acea30ec9e7e995ef1a6e06c
      https://github.com/phpmyadmin/phpmyadmin/commit/0092f608d37d0ce7acea30ec9e7e...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-10-21 (Tue, 21 Oct 2014)
Changed paths:
    M ChangeLog
    M js/server_status_monitor.js
Log Message:
  -----------
  bug #4563 [security] XSS in monitor query analyzer
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 2bb64187aef6a2fd68fbffad60ff7bb226137c53
      https://github.com/phpmyadmin/phpmyadmin/commit/2bb64187aef6a2fd68fbffad60ff...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-10-21 (Tue, 21 Oct 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.6 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: c641ad40c37bc562226c8a25cce77a273a07756b
      https://github.com/phpmyadmin/phpmyadmin/commit/c641ad40c37bc562226c8a25cce7...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-17 (Mon, 17 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/error_report.lib.php
Log Message:
  -----------
  bug #4596 [security] XSS through exception stack
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: da44dd4fd7432b915203e3e723a4534a01c12cd9
      https://github.com/phpmyadmin/phpmyadmin/commit/da44dd4fd7432b915203e3e723a4...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-17 (Mon, 17 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/error_report.lib.php
Log Message:
  -----------
  bug #4595 [security] Path traversal can lead to leakage of line count
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 47a6ece0427a23c47f2b1a88dfb0f46ca344aaec
      https://github.com/phpmyadmin/phpmyadmin/commit/47a6ece0427a23c47f2b1a88dfb0...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/tbl_printview.lib.php
Log Message:
  -----------
  bug #4578 [security] XSS vulnerability in table print view
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 816fa880060f37932be291d2918fd5c6ac474ab5
      https://github.com/phpmyadmin/phpmyadmin/commit/816fa880060f37932be291d2918f...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M tbl_zoom_select.php
Log Message:
  -----------
  bug #4579 [security] XSS vulnerability in zoom search page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 59557b51362edc5eee024f3f2912a9d598e42763
      https://github.com/phpmyadmin/phpmyadmin/commit/59557b51362edc5eee024f3f2912...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/gis/pma_gis_factory.php
Log Message:
  -----------
  bug #4594 [security] Path traversal in file inclusion of GIS factory
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 60c619fa1679a7c4fe09657da293e84dde02eede
      https://github.com/phpmyadmin/phpmyadmin/commit/60c619fa1679a7c4fe09657da293...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/mult_submits.lib.php
Log Message:
  -----------
  bug #4598 [security] XSS in multi submit
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: cea7c5fba8224b8380f2a83a689eb6caa6c79662
      https://github.com/phpmyadmin/phpmyadmin/commit/cea7c5fba8224b8380f2a83a689e...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M libraries/Config.class.php
    M libraries/Theme.class.php
Log Message:
  -----------
  bug #4597 [security] XSS through pma_fontsize cookie
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 23ef01973a3bdbdbf8920d922fa89673a3ad9da1
      https://github.com/phpmyadmin/phpmyadmin/commit/23ef01973a3bdbdbf8920d922fa8...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-11-20 (Thu, 20 Nov 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.7 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 62b2c918d26cc78d1763945e3d44d1a63294a819
      https://github.com/phpmyadmin/phpmyadmin/commit/62b2c918d26cc78d1763945e3d44...
  Author: Madhura Jayaratne madhura.cj@gmail.com
  Date:   2014-12-02 (Tue, 02 Dec 2014)
Changed paths:
    M ChangeLog
    M libraries/common.inc.php
    M libraries/plugins/AuthenticationPlugin.class.php
    M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
  -----------
  bug #4611 [security] DOS attack with long passwords
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 8707861365d6d6e6921bee85eb0ab91ddac5c698
      https://github.com/phpmyadmin/phpmyadmin/commit/8707861365d6d6e6921bee85eb0a...
  Author: Marc Delisle marc@infomarc.info
  Date:   2014-12-03 (Wed, 03 Dec 2014)
Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php
Log Message:
  -----------
  4.1.14.8 release
Signed-off-by: Marc Delisle marc@infomarc.info
Commit: 345aa10021154a9afc6ae2ef1d97b1ff378b2ef6
      https://github.com/phpmyadmin/phpmyadmin/commit/345aa10021154a9afc6ae2ef1d97...
  Author: Michal Čihař michal@cihar.com
  Date:   2014-12-04 (Thu, 04 Dec 2014)
Changed paths:
    M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php
Log Message:
  -----------
  Adjust testcase to new split methods
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 3ed40655035c338f8fc46f45473f436dfe3e3e5d
      https://github.com/phpmyadmin/phpmyadmin/commit/3ed40655035c338f8fc46f45473f...
  Author: Michal Čihař michal@cihar.com
  Date:   2014-12-04 (Thu, 04 Dec 2014)
Changed paths:
    M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php
Log Message:
  -----------
  Add missing call to test
Signed-off-by: Michal Čihař michal@cihar.com
Commit: beeba6a787ca2c97baf7ae47aac6069b5ddd5572
      https://github.com/phpmyadmin/phpmyadmin/commit/beeba6a787ca2c97baf7ae47aac6...
  Author: Michal Čihař michal@cihar.com
  Date:   2014-12-04 (Thu, 04 Dec 2014)
Changed paths:
    M ChangeLog
    M js/ajax.js
    M js/functions.js
    M js/server_status_monitor.js
    M js/sql.js
    M js/tbl_chart.js
    M js/tbl_structure.js
    A js/whitelist.php
    M libraries/Config.class.php
    M libraries/DatabaseInterface.class.php
    M libraries/Header.class.php
    M libraries/Scripts.class.php
    M libraries/TableSearch.class.php
    M libraries/Theme.class.php
    M libraries/Util.class.php
    M libraries/common.inc.php
    M libraries/error_report.lib.php
    M libraries/gis/pma_gis_factory.php
    M libraries/mult_submits.lib.php
    M libraries/navigation/Navigation.class.php
    M libraries/navigation/Nodes/Node_DatabaseChild.class.php
    M libraries/plugins/AuthenticationPlugin.class.php
    M libraries/plugins/auth/AuthenticationCookie.class.php
    M libraries/rte/rte_list.lib.php
    M libraries/tbl_printview.lib.php
    M libraries/tbl_relation.lib.php
    M server_user_groups.php
    M tbl_zoom_select.php
    M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php
Log Message:
  -----------
  Merge branch 'MAINT_4_1_14' into QA_4_1
Conflicts:
    ChangeLog
    README
    doc/conf.py
    libraries/Config.class.php
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ba60e5a72313...beeba6a787ca